Friday, February 11, 2011

Trojans and Passwords

A few years ago my thumb-drive caught a Trojan from one of the computers in an undergraduate lab. It wasn't very sophisticated, and it's mechanism of action was quite simple to grasp; it simply copied itself to the thumb-drive and modified the autorun.inf such that the Trojan would run once inserted. Quite easy to remove, if you knew what to do.

Fast forward a few years, and now I'm teaching in the same lab. And my thumb-drive caught a Trojan again. It's quite probable that the source of infection is one (or more!) of the lab computers. Goes to show what happens to resources that are shared amongst many. I'm now thinking of getting a write-protected thumb-drive for special use.

The incident did make me more security conscious, though. I've changed all my online passwords. Pretty much time, anyway. The old one was left unchanged for too long. Wonder how long this one will last.